Chris Soghoian’s focus in this entry is on private sector companies providing assistance to the government by developing tools for intercepting communications.
Alright, so if they can’t force Google to put a backdoor in Android OS, and if they can’t force Apple to put a backdoor in their software, what are they going to do? How is the Government going to get your communications? What about when they want to listen in to a conversation you are having in your living room, where you are not even using your device? Are they supposed to break in in the middle of the night and install a microphone like they did in the 1970’s? No, they want other ways to access data.
Particularly as consumers have started using services like Skype, and we will talk about Skype later, but services like Skype that have some form of encryption, governments have been having problems, and remember the government isn’t one big beast. The FBI or NSA may have tools to access certain applications but that doesn’t mean they share those toys with local law enforcement agencies. The NSA doesn’t share their secret backdoors with the likes of local cops in Arizona or Nevada. Those folks have to do things the hard way.
It’s also important to note that not all governments are the same. Google has an office, in fact its main office, in California; and Microsoft’s headquarters is in Seattle. Google and Microsoft have to take orders from the U.S. Government. When there is a valid court order, the companies have to provide access to the U.S. Government. But Google doesn’t have an office in Iran. Microsoft doesn’t have an office in Libya, and so if those governments want to get their citizens’ communications, now that Google and Microsoft and others are starting to use SSL, those other governments are really going dark.
In the countries where Google and Facebook and Microsoft don’t have offices and don’t respond to requests, those governments are having a really tough time because of the use of services like Skype, like Twitter, like Facebook. They used to be able to get access through their local, in many cases nationalized telephone company, and now they are going dark, and so those governments are turning to hacking tools too.
What we are seeing is an emergence of the private sector helping companies that are helping governments. The ones that have gotten the most press, the first is a company called Gamma, they make a software suite called FinFisher. FinFisher has gotten a lot of press in the last couple of years starting with a dump of documents by WikiLeaks, and then the excellent work of The Citizen Lab in Canada which exposed the use of this software. They have a really cheesy sales video online that I recommend you look at, so this is the target using iTunes and then getting a malicious man-in-the-middle to update through iTunes. And then the police officer sitting at the remote operating center can spy on the calls and text messages and emails of the user (see right-hand image). This is the CEO of Gamma, his name is Martin Muench (see left-hand image). You may not know Martin’s name but you probably know Martin’s work. Before he was in the government surveillance business, Martin created a Linux distribution called BackTrack, which is very popular with this community, and so Martin pivoted from providing open-source security tools to providing closed-source government interception tools.
This is my favorite photo of Martin. He is a German guy, without any shame he sells his software to governments around the world. And one of the things his software can do is to remotely activate webcams without the targets’ knowledge. And you can see that he is concerned about this capability because if you zoom in on his laptop you can see he has a little post-it note over his webcam. He clearly knows what his own software can do.
So, because of the work of the folks at Citizen Lab, we know that Gamma software has been exported to Mexico, Ethiopia. It has been used by seriously oppressive regimes in the Middle East and in South-East Asia (see right-hand image). Now, the company says that it’s used for lawful interception and targeting of terrorists and pedophiles and criminals, but from what we know it has been frequently used to target journalists and human rights activists and dissidents. And so, Gamma is one of these companies providing off-the-shelf tools to governments. The police don’t have the resources to develop this stuff in-house, so they just buy this off-the-shelf spyware from companies like Gamma.
Through the last couple of years newspapers have covered this, The Times and Bloomberg have described the spread of this stuff. And the sale of this technology is really unregulated, basically any governments, except for the ones on international blacklists, can buy it.
The other big company is a company called Hacking Team. They’re an Italian company, they make something called the Remote Control System, otherwise known as Da Vinci (see left-hand image). They have a sales video, too, that appears to be targeted to 13-year-old boys. Their marketing stuff says: “Defeat encryption. Total control over your targets. Log everything you need. Thousands of encrypted communications per day guaranteed. Get them, in the clear.” And this software, really, is sold to law enforcement agencies who are trying to deal with things like Skype.
If you are the government of Turkmenistan and there are journalists in your country who are using Skype to communicate, how do you get the contents of their calls when you need them? The phone company in town can’t help, you go to Gamma or Hacking Team and they provide you these tools. This is, again, from Hacking Team’s literature; they say they can get encrypted voice, location, audio and video spying, web browsing activities, relationships. They get anything that is on a computer without the knowledge of the target.
Hacking Team in recent years has expanded into the U.S. market. I believe in the spring of this year they hired this man, his name is Eric (see right-hand photo), he used to be a spokesperson for Verizon and now he is the U.S. counsel for Hacking Team. They have an office in Annapolis, Maryland, just an hour outside of D.C. We don’t know whether Hacking Team has successfully sold any products to the domestic U.S. law enforcement market, but they are showing up at conferences that are only open to law enforcement and intelligence agencies in Washington, D.C. (see left-hand image). They also went to a conference in Chicago this April, the Law Enforcement Intelligence Units Association (see image below). Not only did Hacking Team give a talk at this conference – this is a conference targeting local cops around the country – but they also sponsored the coffee break in the afternoon.
And so, if Hacking Team hasn’t sold a product to a local law enforcement agency yet, it’s not because they haven’t been trying. Alright, they have been showing up at these conferences for several years. They are actively targeting the law enforcement market, and I think if they haven’t succeeded already they will succeed soon and get a sale in a small town.
Now, Hacking Team and Gamma Software is the kind of stuff that local cops and governments without too much money use. You know, this is a couple hundred thousand or maybe a million dollars. It’s the kind of thing you buy with a DHS grant. This is not what you use if you are a sophisticated law enforcement agency with big bucks.